﻿<%@ Application Language="C#" %>

<script RunAt="server">

    void Application_Start(object sender, EventArgs e)
    {
        HZ.Supervise.IBLL.IBLL_PreWarning war = HZ.Supervise.BLLFactory.IBLL_PreWarning();
        war.Insert_WarningData();

        System.Timers.Timer time = new System.Timers.Timer();
        time.Interval = 3600000;
        time.Elapsed += new System.Timers.ElapsedEventHandler(time_Elapsed);
        time.Start();

        System.Threading.Timer timer2 = new System.Threading.Timer(new System.Threading.TimerCallback(TimeCallBack));
        DateTime dt = DateTime.Now;
        DateTime next = dt.AddDays(1).Date;
        timer2.Change(DateDiff(next, dt), 86400000);
    }
    /// <summary>
    /// 获取2个时间的间隔
    /// </summary>
    /// <param name="DateTime1"></param>
    /// <param name="DateTime2"></param>
    /// <returns></returns>
    private int DateDiff(DateTime DateTime1, DateTime DateTime2)
    {


        TimeSpan ts1 = new TimeSpan(DateTime1.Ticks);
        TimeSpan ts2 = new TimeSpan(DateTime2.Ticks);
        TimeSpan ts = ts1.Subtract(ts2).Duration();


        return ts.Seconds;
    }


    private void TimeCallBack(object obj)
    {

        //// todo add 刷新数据
       // HZ.Supervise.BLL.BLL_MessageTypeDetail bllMess = new HZ.Supervise.BLL.BLL_MessageTypeDetail();

       //bllMess.InsertIntoMessageSend();//插入根据规则查出的消息
    }

    void time_Elapsed(object sender, System.Timers.ElapsedEventArgs e)
    {
        //HZ.Supervise.IBLL.IBLL_PreWarning war = HZ.Supervise.BLLFactory.IBLL_PreWarning();
        //war.Insert_WarningData();
    }

    void Application_End(object sender, EventArgs e)
    {
        //在应用程序关闭时运行的代码

    }

    void Application_Error(object sender, EventArgs e)
    {
        //在出现未处理的错误时运行的代码
        System.Configuration.Configuration config = System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration("~/Web.config");
        System.Web.Configuration.CustomErrorsSection customErrors = (System.Web.Configuration.CustomErrorsSection)config.GetSection("system.web/customErrors");
        if (customErrors != null && (customErrors.Mode == System.Web.Configuration.CustomErrorsMode.On || customErrors.Mode == System.Web.Configuration.CustomErrorsMode.RemoteOnly))
        {
            System.Web.HttpApplication app = (HttpApplication)sender;
            System.Exception lastError = app.Server.GetLastError();
            System.Web.HttpException httpEx = (HttpException)lastError;
            if (httpEx != null)
            {
                int httpErrorCode = httpEx.GetHttpCode();

                string redirect = customErrors.DefaultRedirect;

                foreach (System.Web.Configuration.CustomError error in customErrors.Errors)
                {
                    if (error.StatusCode == httpErrorCode) redirect = error.Redirect;
                }
                app.Server.ClearError();
                app.Context.Response.StatusCode = httpErrorCode;
                Server.Transfer(redirect);
            }
        }
    }

    void Session_Start(object sender, EventArgs e)
    {
        //在新会话启动时运行的代码

    }

    void Session_End(object sender, EventArgs e)
    {
        //在会话结束时运行的代码。 
        // 注意: 只有在 Web.config 文件中的 sessionstate 模式设置为
        // InProc 时，才会引发 Session_End 事件。如果会话模式 
        //设置为 StateServer 或 SQLServer，则不会引发该事件。

    }

    private void Inject_Handle(string str, string src)
    {
        //将状态改成400，即错误的请求
        HttpContext.Current.Response.StatusCode = 400;
        HttpContext.Current.Response.Write("<center><span style=\"font-size: 13px; font-family: Arial;\">Http安全模块信息检测：系统检测到非法字符串输入。<br />");
        //HttpContext.Current.Response.Write(string.Format("非法字符串信息：{0}<br />", str));
        HttpContext.Current.Response.Write("<a href=\"\">返回主页</a></span></center>");
        //log4netManager.LogWarn("HttpMpdule", string.Format("SQL注入攻击检测：注入IP:{0}，注入内容： {1}，来源：{2}", Fun.GetClientIP(), str, src), null);
        HttpContext.Current.Response.End();
    }

    protected void Application_BeginRequest(object sender, EventArgs e)
    {
        //添加验证 liangz
        HZ.Common.SqlChecker sqlChecker = new HZ.Common.SqlChecker(this.Request, this.Response);
        sqlChecker.Check();

        if ((HttpContext.Current.Request.Form.Count > 0) && ((HttpContext.Current.Request.UrlReferrer == null) || (string.Compare(HttpContext.Current.Request.UrlReferrer.Host, HttpContext.Current.Request.Url.Host, true) != 0)))
        {
            //将状态改成400，即错误的请求
            HttpContext.Current.Response.StatusCode = 400;
            HttpContext.Current.Response.Write("系统检测到非法提交");
            //log4netManager.LogWarn("HttpMpdule", string.Format("非法提交：IP地址：{0}，URL：{1}", Fun.GetClientIP(), HttpContext.Current.Request.Url.ToString()), null);
            HttpContext.Current.Response.End();
        }
        foreach (string str in HttpContext.Current.Request.QueryString)
        {
            if (str != HZ.DrugTrade.Web.Constants.QUERYSTRING_RETURN_URL) //returnUrl不做检查，防止误报
            {
                if (HZ.Fun2.MaySqlInject(HttpContext.Current.Request.QueryString[str].ToString()))
                {
                    this.Inject_Handle(HttpContext.Current.Request.QueryString[str].ToString(), "QueryString");
                }
            }
        }
        foreach (string str2 in HttpContext.Current.Request.Form)
        {
            if ((!(str2 == "__VIEWSTATE") && !(str2 == "__EVENTVALIDATION")) && HZ.Fun2.MaySqlInject(HttpContext.Current.Request.Form[str2].ToString()))
            {
                this.Inject_Handle(HttpContext.Current.Request.Form[str2].ToString(), "Form");
            }
        }
        foreach (string str3 in HttpContext.Current.Request.Cookies)
        {
            if (HZ.Fun2.MaySqlInject(HttpContext.Current.Server.UrlDecode(HttpContext.Current.Request.Cookies[str3].Value)))
            {
                this.Inject_Handle(HttpContext.Current.Request.Cookies[str3].ToString(), "Cookies");
            }
        }

    }
       
</script>

